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Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 
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6) ^ Claim(s) 1-29 is/are rejected. 
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DETAILED ACTION 

1. This office action is in response to Applicant's application serial no. 10/081,755. 
Claims 1-29 are pending. 

Information Disclosure Statement 

2. The information disclosure statement (IDS) submitted on 2/19/2002 has been 
considered by the Examiner. 

Claim Rejections - 35 USC § 103 

3. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 1-29 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Brown et al. (U.S. Patent No. 6,678,733, hereinafter Brown) in view of Joshi et al. (U.S. 
Patent Application Publication U.S. 2002/0112083, hereinafter Joshi). 

In respect to claims 1, 9-15, 17-18, 20, 22-27 and 29, Brown discloses method, 
system, computer readable media for authenticating a client over a communication 
network in a client and server environment; the client requests services from a server; 
the server determines whether the client is authenticated; if the client is authenticated 
grant the service request; if the client is not authenticated, direct the client to obtain an 
authentication token (e.g. Brown, Fig. 6, col. 11, line 22-col. 13, line 25). Brown does 
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not disclose the server storing the request and processing the request after the client is 
authenticated. However, Joshi discloses that when the web server received the client's 
http request, it stores the request in the server; Joshi discloses the process or 
performing authentication actions and administrator can set up a redirect URL for 
authentication success/failure events (e.g. Joshi, Fig. [0241-0242]). Furthermore, 
Official Notice is taken that allowing user to request a service and prompting user to be 
authenticated before granting user the request is old and well known (some websites 
allow user to request services, such as, booking airline ticket or playing a particular 
game, before user is granted the request, user is directed to login and after user is 
authenticated, user will be redirected to proceed with the requested pages). Therefore, 
it would have been obvious to one of ordinary skill in the art at the time the invention 
was made to implement the policy of redirecting the URL in the event of authentication 
success or failure taught by Joshi and Examiner's Official Notice with the teaching of 
Brown's authentication system for the convenience of user attempting to obtain service. 

In respect to claim 2, Brown further discloses verifying an authentication token 
associated with the client (e.g. Brown, col. 12, lines 49-65). 

In respect to claims 3 and 9, Brown further discloses verifying that the 
authentication token has not timed out (e.g. col. 10, lines 30-37 and col. 12, lines 3-22). 

In respect to claim 4, Brown does not explicitly disclose wherein the 
authentication token is a cookie stored by the client. However, Applicant admits using 
authentication token as a form of cookie stored in the client is well known. It would have 
been obvious to implement cookie as a form of authentication with Brown's 
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authentication token such as ticket or encryption key for the benefit of the fact that 
cookie are stored in conveniently stored in the client's system. 

In respect to claims 5, 16 and 28, Brown further discloses wherein the 
authentication token is part of the request received from the client (e.g. Brown, Fig. 6, 
col. 11, line 22-col. 13, line 25). 

In respect to claim 6, Brown further discloses wherein the authentication token is 
encrypted (e.g. Brown, col. 11, line 22-col. 13, line 25). 

In respect to claim 7, the method of claim 1 wherein persisting the request 
comprises storing the request in a file (e.g. Joshi, [0241-0242]). 

In respect to claims 8 and 21 , the method of claim 1 wherein persisting the 
request comprises storing the request in a database (e.g. Joshi, [0241-0242]). 

Conclusion 

4. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Tongoc Tran whose telephone number is (571 ) 272- 
3843. The examiner can normally be reached on 8:30-5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gregory Morse can be reached on (571) 272-3838. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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